Cyberdudebivash

  Executive Snapshot What’s new: An Iran-nexus espionage cluster tracked as UNC1549 / “Subtle Snail” is running HR/recruiter pretexts (job invites, interview scheduling, benefits alerts) to steal corporate logins—especially in telecom, aerospace, and defense . Researchers and trade press flagged fresh waves this week. Communications Today +3 The Hacker News +3 Industrial Cyber +3 Why “snail”? Two meanings: (1) the actor name Subtle Snail linked to these HR imitations; (2) the slow-burn social technique—no loud urgency, just plausible HR tasks that quietly bypass suspicion until it’s too late. Recent vendor psychology research shows urgency and authority cues drive clicks; “snail” flips the urgency dial down while keeping the authority of HR. Abnormal AI It’s not just APT: Criminals also mimic internal HR (“bonus,” “policy changes,” training ), and the Workday incident shows how phone/SMS HR impersonation fuels broader phishing waves. HR-themed emails remain amon...